Certified Information Systems Auditor (CISA) — Question 944

An IS auditor is providing input to an RFP to acquire a financial application system. Which of the following is MOST important for the auditor to recommend?

Answer options

• A. The application should meet the organization's requirements.
• B. Vendor employee background checks should be conducted regularly.
• C. Audit trails should be included in the design.
• D. Potential suppliers should have experience in the relevant area.

Correct answer: A

Explanation

The correct answer is A because ensuring that the application meets the organization's requirements is fundamental for its success and usability. While options B, C, and D are also important considerations, they are secondary to the necessity of the application fulfilling the specific needs of the organization.